-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 Feb 2013 09:33:13 +0100 Source: python-django Binary: python-django python-django-doc Architecture: source all Version: 1.4.4-1 Distribution: unstable Urgency: low Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: python-django - High-level Python web development framework python-django-doc - High-level Python web development framework (documentation) Closes: 700483 701186 Changes: python-django (1.4.4-1) unstable; urgency=low . * New upstream security and maintenance release. Closes: #701186 https://www.djangoproject.com/weblog/2013/feb/19/security/ Fixes mulptiple security issues: - Further fixes for Host header poisoning. CVE-2012-4520 - XML attacks via entity expansion. CVE-2013-1665 - Data leakage via admin history log. CVE-2013-0305 - Formset denial-of-service. CVE-2013-0306 * Add gettext to Suggests since it's required for django-admin compilemessages / makemessages. Closes: #700483 Checksums-Sha1: 38fb931786fa14eb9b8fc4e2ea7aa1aa6b2f72f9 2227 python-django_1.4.4-1.dsc 7f4da833006b58929cbfd4ba5d11e6448c5846fc 7740176 python-django_1.4.4.orig.tar.gz bcba0843b0e759edbf53838598c0546a615de43e 19856 python-django_1.4.4-1.debian.tar.gz f4baec47dc0ee3fc78722a96cff70941c1043e72 5367026 python-django_1.4.4-1_all.deb 3a73fffad101a64299b68070dd2d24b1462b69f7 2431524 python-django-doc_1.4.4-1_all.deb Checksums-Sha256: 965bb364e75a2c7539fb1756395eda84b5bf1899c0831c03cf01921c44af8e31 2227 python-django_1.4.4-1.dsc 0dd9fa4f0dfc4f64eedecc82bde8dfe15a0a420ceeb11ca1ed050f1742b57077 7740176 python-django_1.4.4.orig.tar.gz 3fe8425e9b489aeae12bc7ad4f6b25a2dd5551fc0c33692e42794096ef8809fa 19856 python-django_1.4.4-1.debian.tar.gz c9bc1cbb5d8234918e842e2000b0d84be0d63549df27460da6de980f4e27feaa 5367026 python-django_1.4.4-1_all.deb ceaa8cec41e224039d7eea4d5a1cf33e6de5ac03b8cb694cafe8067831eba01a 2431524 python-django-doc_1.4.4-1_all.deb Files: 0142dbfd3d85bcf71d3494119aec1ced 2227 python optional python-django_1.4.4-1.dsc 833f531479948201f0f0a3b5b5972565 7740176 python optional python-django_1.4.4.orig.tar.gz 4be82335fca9d168cf8dfae83a86c8eb 19856 python optional python-django_1.4.4-1.debian.tar.gz c76fbe5c855aed2b1e91ac215656b8c9 5367026 python optional python-django_1.4.4-1_all.deb 2dcdbf7a234192ffe1a4b6da5159d617 2431524 doc optional python-django-doc_1.4.4-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Signed by Raphael Hertzog iQIcBAEBCAAGBQJRKMeeAAoJEOYZBF3yrHKadeEQANA3jY2r1XgPQo+VfBI8h7eV sZs0rSPvmvqgTV3PBrMwst0qyB/I2O8f+Swz0XwcX5P/0MS96uCeqwYDRn2wcC0I a9BToRXOQKTKKMhJyu/pPWxAp930RnwObfotc1X8x7Pq2FD0Qkprqe+D85pI6xDJ cUj9xyint4FZJEOjcFT7wP8UgckPaTb7+7gnlTfSkVD4JjKjhhkX8JsuD1lRjJwi HzulXKeTLHmEe6uYKZj8a0Yt9x9bgpdgkN1rknO4NVyGbFRSuoawxxrDz5ylmTbe eIqMrwqrovsH1vVgCIA+Icn5iwhZp/JsMpphpBIYsgNrLo9KydmqXthc+x9KkBCW a9jYDae00Im0PYjgoSK7wU7zLq8dmPtqvCY5xhlVkk2RgALzPMjl7V/yzRKEQEDe Qct9QRKrsqrhgC1C0Axu/p0/OCiLRCQz53CwJneXzEQfS5zJ+lt3VhSIF4ZlWMlr 0beD/vxLr0W0BVMeGTmBukjqeM6Oc2e86HUqV4FvqC9LEP8zX7UKHJ1JMZhlePcQ S+c+BGbW9gebV/3YcFHYAZQszUL0VnMschE9MT3+SMpyH4J53ejkP6hocfZFpHV3 Y7VM01lRmJqu+jYtrb4RD6vqf9YAJaUaBsR5NnLVPw0Er6mceMKUjQ1m+hx7Eu+A hHqXsFYUWejwWF12zkJ4 =XsQO -----END PGP SIGNATURE-----